A new article in InfoSecurity Magazine, discusses a report from ISP specialist Beaming indicated that cyber attacks on UK business increased by 30% in in the first 3 months of 2020. Another indication that cyber criminals increased their activity during the pandemic. It’s just another indicator in the many that have been coming out that cyber criminals have been stepping up their game during the lockdowns and shelter-in-place in many parts of the world. We’ve seen this increase from other studies, including this Dark Reading one and this study from CyberEdge.
In the case of this most recent study, Beaming found 394,000 unique IP addresses used to attack UK businesses in the first quarter of 2020, showing 157,000 attacks on average on each company, or more than one attack a minute. The rate of attacks was 30% higher than in last year’s study in 2019. The targets in this year’s attacks were IoT applications, company databases, and file-sharing systems.
It’s another good reminder that when moving applications to the internet, organizations need to keep security at the top of the checklist. It isn’t enough to rely on the security provided by your service provider or hosting platform. While service providers and hosting companies provide security for their components they aren’t responsible for security for your organization’s assets or applications in the cloud. Couple the lack of security provided by hosting companies and service providers with the increase in attacks, the continued increase in discovered vulnerabilities and the corresponding increase in zero-day attacks on these vulnerabilities, and you’ve got a sure recipe for increased data breaches in our near future. It’s more important than ever to make sure you’ve got security for your web applications and application workloads.
It’s also important to remember that zero-day attacks are becoming more and more sophisticated. With the ingenuity found in each new zero day attack, it’s more than likely the next big zero day attack will have no foundation in a past attack. To detect the next new zero day attack we need to change the way we approach security. We need to look at technologies that don’t rely on past attacks, for example, using deterministic security based on the application itself, rather than past attacks.
K2’s runtime deterministic application security platform monitors the application and has a deep understanding of the application’s control flows, DNA and execution. By validating the application’s control flows, deterministic security is based on the application itself, rather than relying on past attacks to determine a zero day attack. Deterministic security results in the detection of sophisticated zero day attacks.
K2’s Next Generation Application Workload Protection Platform addresses today’s need for runtime security in an easy to use, easy to deploy solution. K2’s unique deterministic security detects new attacks without the need to rely on past attack knowledge, is lightweight, and adds under a millisecond of latency to the running application. To aid in quick remediation of vulnerabilities, K2 also provides detailed attack telemetry including the code module and line number being in the code being attacked, while at the same time integrating with leading firewalls to do real time attacker blocking.
Change how you protect your applications.